package org.wso2.am.integration.tests.other;

import com.google.gson.Gson;
import java.net.URL;
import java.rmi.RemoteException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.xml.xpath.XPathExpressionException;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.staxutils.PropertiesExpandingStreamReader;
import org.springframework.beans.propertyeditors.CustomBooleanEditor;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Factory;
import org.testng.annotations.Test;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIDTO;
import org.wso2.am.integration.clients.publisher.api.v1.dto.DocumentDTO;
import org.wso2.am.integration.test.impl.RestAPIPublisherImpl;
import org.wso2.am.integration.test.impl.RestAPIStoreImpl;
import org.wso2.am.integration.test.utils.APIManagerIntegrationTestException;
import org.wso2.am.integration.test.utils.bean.APIRequest;
import org.wso2.am.integration.test.utils.http.HTTPSClientUtils;
import org.wso2.am.integration.tests.api.lifecycle.APIManagerLifecycleBaseTest;
import org.wso2.carbon.automation.engine.context.TestUserMode;
import org.wso2.carbon.automation.test.utils.http.client.HttpResponse;
import org.wso2.carbon.integration.common.admin.client.UserManagementClient;
import org.wso2.carbon.user.mgt.stub.UserAdminUserAdminException;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/am/integration/tests/other/DevPortalVisibilityTestCase.class */
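/**
 * Integration test for role-based visibility of an API on the developer portal.
 *
 * <p>The class publishes one API, first with default visibility and then restricted to a single
 * role, and checks the developer-portal REST resources (API, documents, document content and
 * OpenAPI definition) for four kinds of caller: an anonymous caller, a subscriber holding the
 * permitted role, a subscriber holding a different role, and the user who published the API.
 *
 * <p>Callers that must not see the restricted API are expected to receive {@code 404}, not
 * {@code 403}: the assertions treat "not visible" as "not found", which also avoids confirming
 * to the caller that the API id exists.
 *
 * <p>The test accounts are created with a fixed, trivial password. That is acceptable only
 * because they live on a disposable test deployment and are removed in {@link #destroy()};
 * {@code destroy()} therefore attempts every cleanup step even when an earlier one fails.
 */
public class DevPortalVisibilityTestCase extends APIManagerLifecycleBaseTest {
    private static final Log log = LogFactory.getLog(DevPortalVisibilityTestCase.class);

    private static final String EMAIL_DOMAIN = "@gm.co";
    // Separator between an e-mail style user name and the user domain. The decompiled source
    // referenced an unrelated CXF constant with the same value here (constant-resolution
    // artifact); the literal is used instead.
    private static final String AT = "@";
    private static final String SECONDARY_STORE_PREFIX = "secondary/";
    private static final String INTERNAL_CREATOR = "Internal/creator";
    private static final String INTERNAL_PUBLISHER = "Internal/publisher";
    private static final String INTERNAL_SUBSCRIBER = "Internal/subscriber";
    // Test-only credential shared by every account this class creates.
    private static final String USER_PASSWORD = "123123";
    private static final String[] OLD_ROLE_LIST = {"Internal/publisher", "Internal/creator", "Internal/subscriber", "Internal/everyone", "role1"};
    private static final String[] PUB_SUB_USER_ROLES = {"Internal/publisher", "Internal/creator", "Internal/subscriber", "Internal/everyone"};
    private static final String EP_URL = "http://gdata.youtube.com/feeds/api/standardfeeds";
    private static final String APINAME = "VisA";
    private static final String CONTEXT = "ctx9";
    // The decompiled source referenced an unrelated Spring constant with the value "1" here.
    private static final String VERSION = "1";
    private static final String STORE_BASE_PATH = "api/am/devportal/v2/apis/";
    private static final String TENANT_HEADER = "X-WSO2-Tenant";
    private static final String AUTHORIZATION_HEADER = "Authorization";
    private static final String API_EXISTS_MARKER = "\"isApiExists\":true";

    UserManagementClient userManagementClient1;
    private RestAPIPublisherImpl pubSubUserPublisher;
    private RestAPIStoreImpl pubSubUserStore;
    private RestAPIStoreImpl devUser1;
    private RestAPIStoreImpl devUser2;
    // NOTE(review): devUser3 (subscriber with neither test role) is created and deleted but no
    // test in this class sends a request as this user; a negative check for it would cover the
    // "authenticated, no matching role at all" case.
    private RestAPIStoreImpl devUser3;
    private String apiId;
    private String contextUsername = "admin";

    // User and role names are adjusted in initTestCase() according to the user mode, so they are
    // instance state despite the constant-style names.
    private String DEV_USER_A = "dusera";
    private String DEV_USER_B = "duserb";
    private String DEV_USER_C = "duserc";
    private String PUB_SUB_USER = "pbsbusr";
    private String DEV_USER_A_ROLE = "rolex";
    private String DEV_USER_B_ROLE = "roley";

    /**
     * Supplies the user modes the factory constructor is invoked with.
     *
     * @return one single-element row per {@link TestUserMode} under test
     */
    @DataProvider
    public static Object[][] userModeDataProvider() {
        // Declared as Object[][] so the literal matches the return type; the decompiled form
        // built a one-dimensional Object[] here, which does not compile.
        return new Object[][]{
            {TestUserMode.SUPER_TENANT_ADMIN},
            {TestUserMode.TENANT_ADMIN},
            {TestUserMode.SUPER_TENANT_USER_STORE_USER},
            {TestUserMode.SUPER_TENANT_EMAIL_USER},
            {TestUserMode.TENANT_EMAIL_USER}
        };
    }

    /**
     * Creates one instance of the test class per user mode.
     *
     * @param testUserMode the user mode this instance runs under
     */
    @Factory(dataProvider = "userModeDataProvider")
    public DevPortalVisibilityTestCase(TestUserMode testUserMode) {
        this.userMode = testUserMode;
    }

    /**
     * Creates the two test roles, the four test users and a REST client for each user.
     *
     * <p>User names get an e-mail suffix in the e-mail user modes and a {@code secondary/}
     * prefix (roles too) in the secondary user store mode.
     */
    @BeforeClass
    public void initTestCase() throws APIManagerIntegrationTestException, XPathExpressionException, RemoteException, UserAdminUserAdminException {
        super.init(this.userMode);
        this.publisherURLHttp = this.publisherUrls.getWebAppURLHttp();
        this.storeURLHttp = this.storeUrls.getWebAppURLHttp();
        this.contextUsername = this.keyManagerContext.getContextTenant().getContextUser().getUserName();
        this.userManagementClient1 = new UserManagementClient(
                this.keyManagerContext.getContextUrls().getBackEndUrl(),
                this.keyManagerContext.getContextTenant().getTenantAdmin().getUserName(),
                this.keyManagerContext.getContextTenant().getTenantAdmin().getPassword());

        if (TestUserMode.TENANT_EMAIL_USER.equals(this.userMode) || TestUserMode.SUPER_TENANT_EMAIL_USER.equals(this.userMode)) {
            String emailSuffix = EMAIL_DOMAIN + AT + this.keyManagerContext.getContextTenant().getContextUser().getUserDomain();
            this.DEV_USER_A += emailSuffix;
            this.DEV_USER_B += emailSuffix;
            this.DEV_USER_C += emailSuffix;
            this.PUB_SUB_USER += emailSuffix;
        } else if (TestUserMode.SUPER_TENANT_USER_STORE_USER.equals(this.userMode)) {
            this.DEV_USER_A = SECONDARY_STORE_PREFIX + this.DEV_USER_A;
            this.DEV_USER_B = SECONDARY_STORE_PREFIX + this.DEV_USER_B;
            this.DEV_USER_C = SECONDARY_STORE_PREFIX + this.DEV_USER_C;
            this.PUB_SUB_USER = SECONDARY_STORE_PREFIX + this.PUB_SUB_USER;
            this.DEV_USER_A_ROLE = SECONDARY_STORE_PREFIX + this.DEV_USER_A_ROLE;
            this.DEV_USER_B_ROLE = SECONDARY_STORE_PREFIX + this.DEV_USER_B_ROLE;
        }

        this.userManagementClient1.addRole(this.DEV_USER_A_ROLE, new String[0], new String[0]);
        this.userManagementClient1.addRole(this.DEV_USER_B_ROLE, new String[0], new String[0]);
        this.userManagementClient1.addUser(this.DEV_USER_A, USER_PASSWORD, new String[]{INTERNAL_SUBSCRIBER, this.DEV_USER_A_ROLE}, this.DEV_USER_A);
        this.userManagementClient1.addUser(this.DEV_USER_B, USER_PASSWORD, new String[]{INTERNAL_SUBSCRIBER, this.DEV_USER_B_ROLE}, this.DEV_USER_B);
        this.userManagementClient1.addUser(this.DEV_USER_C, USER_PASSWORD, new String[]{INTERNAL_SUBSCRIBER}, this.DEV_USER_C);
        this.userManagementClient1.addUser(this.PUB_SUB_USER, USER_PASSWORD, new String[]{INTERNAL_PUBLISHER, INTERNAL_SUBSCRIBER, INTERNAL_CREATOR}, this.PUB_SUB_USER);

        String tenantDomain = this.keyManagerContext.getContextTenant().getDomain();
        this.pubSubUserPublisher = new RestAPIPublisherImpl(this.PUB_SUB_USER, USER_PASSWORD, tenantDomain, this.publisherURLHttps);
        this.pubSubUserStore = new RestAPIStoreImpl(this.PUB_SUB_USER, USER_PASSWORD, tenantDomain, this.storeURLHttps);
        this.devUser1 = new RestAPIStoreImpl(this.DEV_USER_A, USER_PASSWORD, tenantDomain, this.storeURLHttps);
        this.devUser2 = new RestAPIStoreImpl(this.DEV_USER_B, USER_PASSWORD, tenantDomain, this.storeURLHttps);
        this.devUser3 = new RestAPIStoreImpl(this.DEV_USER_C, USER_PASSWORD, tenantDomain, this.storeURLHttps);
    }

    /**
     * Publishes the API without changing its visibility and checks that an unauthenticated
     * caller can read it from the developer portal.
     */
    @Test(groups = {"wso2.am"}, description = "This test case tests the retrieval of API which was added without dev portal visibility")
    public void testAnonymousUserAccessDevPortalAPI() throws Exception {
        APIRequest apiRequest = new APIRequest(APINAME, CONTEXT, new URL(EP_URL));
        apiRequest.setVersion(VERSION);
        this.apiId = createAndPublishAPIUsingRest(apiRequest, this.pubSubUserPublisher, false);
        waitForAPIDeploymentSync(this.contextUsername, APINAME, VERSION, API_EXISTS_MARKER);
        Assert.assertEquals(fetchApiAsPublisher().getId(), this.apiId, "API Id is not equal");

        assertGetStatus("", anonymousHeaders(), 200, "Public API cannot be accessed by anonymous user");
    }

    /**
     * Restricts the API to the first test role and checks who can still read it: the anonymous
     * caller and the user with the other role must get 404, the user with the permitted role and
     * the publishing user must still see it.
     */
    @Test(groups = {"wso2.am"}, description = "This test case tests the retrieval of API which was added with dev portal visibility.", dependsOnMethods = {"testAnonymousUserAccessDevPortalAPI"})
    public void testRestrictedDevPortalAPIAccess() throws Exception {
        APIDTO api = fetchApiAsPublisher();
        api.setVisibility(APIDTO.VisibilityEnum.RESTRICTED);
        List<String> visibleRoles = new ArrayList<String>();
        visibleRoles.add(this.DEV_USER_A_ROLE);
        api.setVisibleRoles(visibleRoles);
        this.pubSubUserPublisher.updateAPI(api);
        waitForAPIDeploymentSync(this.contextUsername, APINAME, VERSION, API_EXISTS_MARKER);
        Assert.assertEquals(fetchApiAsPublisher().getVisibleRoles().get(0), this.DEV_USER_A_ROLE, "API visibility not updated.");

        assertGetStatus("", anonymousHeaders(), 404, "Restricted API can be accessed by anonymous user");
        Assert.assertTrue(StringUtils.isNotEmpty(this.devUser1.getAPI(this.apiId).getId()), "Restricted API not visible for the user with role " + this.DEV_USER_A_ROLE);
        assertGetStatus("", bearerHeaders(this.devUser2), 404, "Restricted API can be accessed by user with " + this.DEV_USER_B_ROLE + " role");
        assertGetStatus("", bearerHeaders(this.pubSubUserStore), 200, "Restricted API not visible for publisher user");
    }

    /**
     * Adds an inline, API-level document to the restricted API and checks that the document and
     * its content follow the same visibility rules as the API itself.
     */
    @Test(groups = {"wso2.am"}, description = "This test case tests the accessibility of documents on dev portal for restricted APIs", dependsOnMethods = {"testRestrictedDevPortalAPIAccess"})
    public void testRestrictedDevPortalDocumentAccess() throws Exception {
        DocumentDTO document = new DocumentDTO();
        document.setName("DocName");
        document.setSourceType(DocumentDTO.SourceTypeEnum.INLINE);
        document.setType(DocumentDTO.TypeEnum.HOWTO);
        document.setSummary("this is doc summary");
        document.setVisibility(DocumentDTO.VisibilityEnum.API_LEVEL);
        HttpResponse addDocumentResponse = this.pubSubUserPublisher.addDocument(this.apiId, document);
        // The response body is used as the document id in the requests below.
        String documentId = addDocumentResponse.getData();
        Assert.assertEquals(addDocumentResponse.getResponseCode(), 200, "Document creation faild for publisher");
        this.pubSubUserPublisher.addContentDocument(this.apiId, documentId, "Sample content");

        String documentPath = "/documents/" + documentId;
        String contentPath = documentPath + "/content";

        Map<String, String> anonymous = anonymousHeaders();
        assertGetStatus(documentPath, anonymous, 404, "Restricted API doc can be accessed by anonymous user");
        assertGetStatus(contentPath, anonymous, 404, "Restricted API doc content can be accessed by anonymous user");

        Map<String, String> permittedRoleUser = bearerHeaders(this.devUser1);
        assertGetStatus(documentPath, permittedRoleUser, 200, "Restricted API doc cannot be accessed by user with role " + this.DEV_USER_A_ROLE);
        assertGetStatus(contentPath, permittedRoleUser, 200, "Restricted API doc content cannot be accessed by user with role " + this.DEV_USER_A_ROLE);

        Map<String, String> otherRoleUser = bearerHeaders(this.devUser2);
        assertGetStatus(documentPath, otherRoleUser, 404, "Restricted API doc can be accessed by user with role " + this.DEV_USER_B_ROLE);
        assertGetStatus(contentPath, otherRoleUser, 404, "Restricted API doc content can be accessed by user with role " + this.DEV_USER_B_ROLE);

        Map<String, String> publisher = bearerHeaders(this.pubSubUserStore);
        assertGetStatus(documentPath, publisher, 200, "Restricted API doc not visible for publisher user");
        assertGetStatus(contentPath, publisher, 200, "Restricted API doc content not visible for publisher user");
    }

    /**
     * Checks that the OpenAPI definition of the restricted API follows the same visibility rules
     * as the API itself.
     */
    @Test(groups = {"wso2.am"}, description = "This test case tests the accessibility of openapi spec on dev portal for restricted APIs", dependsOnMethods = {"testRestrictedDevPortalAPIAccess"})
    public void testRestrictedDevPortalOpenAPISpecAccess() throws Exception {
        String swaggerPath = "/swagger";
        assertGetStatus(swaggerPath, anonymousHeaders(), 404, "Restricted API definition can be accessed by anonymous user");
        assertGetStatus(swaggerPath, bearerHeaders(this.devUser1), 200, "Restricted API definition cannot be accessed by user with role " + this.DEV_USER_A_ROLE);
        assertGetStatus(swaggerPath, bearerHeaders(this.devUser2), 404, "Restricted API definition can be accessed by user with " + this.DEV_USER_B_ROLE + " role");
        assertGetStatus(swaggerPath, bearerHeaders(this.pubSubUserStore), 200, "Restricted API definition not visible for publisher user");
    }

    /**
     * Removes the API, the test users and the test roles.
     *
     * <p>Every step is attempted even if an earlier one fails, so a failed API deletion does not
     * leave accounts with the fixed test password behind. Steps whose prerequisite was never
     * created (no API id, no user management client) are skipped. The first failure is rethrown
     * once all steps have run; later failures are only logged.
     *
     * @throws Exception the first exception raised by any cleanup step
     */
    @AfterClass(alwaysRun = true)
    public void destroy() throws Exception {
        Exception firstFailure = null;

        // apiId stays null when the first test failed before the API was created.
        if (this.apiId != null) {
            try {
                this.restAPIPublisher.deleteAPI(this.apiId);
            } catch (Exception e) {
                firstFailure = recordCleanupFailure(firstFailure, "delete API " + this.apiId, e);
            }
        }

        // alwaysRun = true means this method also runs when initTestCase() failed early.
        if (this.userManagementClient1 != null) {
            if (TestUserMode.SUPER_TENANT_EMAIL_USER.equals(this.userMode) || TestUserMode.TENANT_EMAIL_USER.equals(this.userMode)) {
                try {
                    this.userManagementClient1.updateRolesOfUser(this.user.getUserNameWithoutDomain(), OLD_ROLE_LIST);
                } catch (Exception e) {
                    firstFailure = recordCleanupFailure(firstFailure, "restore roles of context user", e);
                }
            }
            for (String userName : new String[]{this.DEV_USER_A, this.DEV_USER_B, this.DEV_USER_C, this.PUB_SUB_USER}) {
                try {
                    this.userManagementClient1.deleteUser(userName);
                } catch (Exception e) {
                    firstFailure = recordCleanupFailure(firstFailure, "delete user " + userName, e);
                }
            }
            for (String roleName : new String[]{this.DEV_USER_A_ROLE, this.DEV_USER_B_ROLE}) {
                try {
                    this.userManagementClient1.deleteRole(roleName);
                } catch (Exception e) {
                    firstFailure = recordCleanupFailure(firstFailure, "delete role " + roleName, e);
                }
            }
        }

        try {
            super.cleanUp();
        } catch (Exception e) {
            firstFailure = recordCleanupFailure(firstFailure, "base class cleanup", e);
        }

        if (firstFailure != null) {
            throw firstFailure;
        }
    }

    /** Reads the API under test through the publisher REST API as the publishing user. */
    private APIDTO fetchApiAsPublisher() throws Exception {
        return new Gson().fromJson(this.pubSubUserPublisher.getAPI(this.apiId).getData(), APIDTO.class);
    }

    /** Builds the headers of an unauthenticated request: only the tenant header, no token. */
    private Map<String, String> anonymousHeaders() {
        Map<String, String> headers = new HashMap<String, String>();
        headers.put(TENANT_HEADER, MultitenantUtils.getTenantDomain(this.contextUsername));
        return headers;
    }

    /** Builds the headers of a request authenticated with the given client's access token. */
    private Map<String, String> bearerHeaders(RestAPIStoreImpl client) throws Exception {
        Map<String, String> headers = new HashMap<String, String>();
        headers.put(AUTHORIZATION_HEADER, "Bearer " + client.getAccessToken());
        return headers;
    }

    /**
     * Sends a GET for a resource of the API under test and asserts the response status.
     *
     * @param resourcePath path below the API resource, empty for the API itself
     * @param headers request headers that decide who the caller is
     * @param expectedStatus HTTP status the portal must answer with
     * @param failureMessage assertion message used when the status differs
     */
    private void assertGetStatus(String resourcePath, Map<String, String> headers, int expectedStatus, String failureMessage) throws Exception {
        HttpResponse response = HTTPSClientUtils.doGet(this.storeURLHttps + STORE_BASE_PATH + this.apiId + resourcePath, headers);
        log.info("Response " + response.getData());
        Assert.assertEquals(response.getResponseCode(), expectedStatus, failureMessage);
    }

    /** Logs a failed cleanup step and returns the failure to report, keeping the earliest one. */
    private static Exception recordCleanupFailure(Exception firstFailure, String step, Exception failure) {
        log.warn("Cleanup step failed: " + step, failure);
        return firstFailure != null ? firstFailure : failure;
    }
}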
